iPad users on Windows targeted with malware

Fake iTunes update for iPad installs back door on computers in new scam, researchers say.

Elinor Mills Former Staff Writer

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service and the Associated Press.

See full bio

Elinor Mills

April 26, 2010 2:57 p.m. PT

This screenshot shows that the download is identified as malware. BitDefender

Scammers are distributing e-mails designed to trick iPad owners into downloading software that they think is an iTunes update, but which turns out to be malware that opens a back door on the computer, researchers warned on Monday.

The e-mails have a subject line that says "iPad Software Update" and offer a link to a Web page that looks like a legitimate iTunes download page, according to BitDefender. Instead, the link installs malware identified as Backdoor.Bifrose.AADY, according to the BitDefender blog.

The malware injects itself in to the "explorer.exe" process and opens up a back door that attackers can use to take control of the system whenever they want, the post said. It also attempts to read the keys and serial numbers of the various software programs installed on the computer and logs passwords to the victim's ICQ, Messenger, and POP3 mail accounts, and protected storage, BitDefender said.

Mac users are not affected by this piece of malware, according to the post.